Hello!
Is there a recommended way to integrate PHP with the Valence portal, such that PHP scripts are only executed by authenticated sessions? If not, maybe a PHP script can be called via the “non-secure” method and have the PHP script call the vvSecure_isLoggedIn procedure in order to make sure the session is logged in?

This is a good question.

If you want to just check to make sure the user is logged in you can call vvSecure_isLoggedIn. This is undocumented in the Valence API docs, but you can see how to call it by looking at the source code in module VVSECURE. You could also modify your PHP scripts to look directly at the record in the VVSESS file. After logging into the Valence Portal, take a look at your session record in file VVSESS. There's a key in there with your session id and variable name VVSESSDS. This record, defined by the VVSESSDS data structure, has all the information about the session.

I guess that would also apply to any existing CGI application that we may not want to change at the moment.

-thanks,
Hugo.